You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Even though we do our best to try to set the file permissions correctly when we generate them - it can happen that sometimes those file permissions get modified by users.
Validator should have a new check to ensure that the permissions are set properly also for other files than executables
Even though we do our best to try to set the file permissions correctly when we generate them - it can happen that sometimes those file permissions get modified by users.
Validator should have a new check to ensure that the permissions are set properly also for other files than executables
plugin-validator/pkg/analysis/passes/binarypermissions/binarypermissions.go
Line 4 in 18ec4dc
Additional checks:
Check that the following permissions are set:
Example of where it failed recently was plugin manifest file called
go_plugin_build_manifest
which is usually generated with755
https://github.com/grafana/grafana-plugin-sdk-go/blob/3bbfa89bed9c0882140eee5004e2657cf9ae2fce/build/common.go#L205
But for some reason ended up being
600
in the following plugin https://grafana.com/api/plugins/oci-metrics-datasource/versions/5.2.0/downloadThis led the
verfiyHash
function to fail and mark plugin as invalid signature / modified signature: https://github.com/grafana/grafana/blob/0220fd588a2ef308ede052da79d5daa91eb33015/pkg/plugins/manager/signature/manifest.go#L264 on Grafana Cloud. We did not catch this locally as we are running Grafana probably with different set of privileges and did not have this issue.The text was updated successfully, but these errors were encountered: